ExamGecko
Login
Home / Fortinet / NSE7_SDW-7.2 / List of questions
Ask Question

Fortinet NSE7_SDW-7.2 Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report Export Collapse

Which two statements about SLA targets and SD-WAN rules are true? (Choose two.)

When configuring an SD-WAN rule, you can select multiple SLA targets of the same performance SLA.
When configuring an SD-WAN rule, you can select multiple SLA targets of the same performance SLA.
SD-WAN rules use SLA targets to check if the preferred members meet the SLA requirements.
SD-WAN rules use SLA targets to check if the preferred members meet the SLA requirements.
SLA targets are used only by SD-WAN rules that are configured with Lowest Cost (SLA) or Maximize Bandwidth (SLA) as strategy.
SLA targets are used only by SD-WAN rules that are configured with Lowest Cost (SLA) or Maximize Bandwidth (SLA) as strategy.
Member metrics are measured only if an SLA target is configured.
Member metrics are measured only if an SLA target is configured.
Suggested answer: B, D
asked 18/09/2024
Sullivan Dabireau
44 questions

Question 12

Report Export Collapse

Which two statements describe how IPsec phase 1 main mode id different from aggressive mode when performing IKE negotiation? (Choose two.)

A peer ID is included in the first packet from the initiator, along with suggested security policies.
A peer ID is included in the first packet from the initiator, along with suggested security policies.
XAuth is enabled as an additional level of authentication, which requires a username and password.
XAuth is enabled as an additional level of authentication, which requires a username and password.
Three packets are exchanged between an initiator and a responder instead of six packets.
Three packets are exchanged between an initiator and a responder instead of six packets.
The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
Suggested answer: A, C
asked 18/09/2024
Fatmata Kabba
58 questions

Question 13

Report Export Collapse

Which components make up the secure SD-WAN solution?

Application, antivirus, and URL, and SSL inspection
Application, antivirus, and URL, and SSL inspection
Datacenter, branch offices, and public cloud
Datacenter, branch offices, and public cloud
FortiGate, FortiManager, FortiAnalyzer, and FortiDeploy
FortiGate, FortiManager, FortiAnalyzer, and FortiDeploy
Telephone, ISDN, and telecom network.
Telephone, ISDN, and telecom network.
Suggested answer: C
asked 18/09/2024
Salman Hashmi
41 questions

Question 14

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_SDW-7.2 image Question 14 27214 09182024190937000000

Based on the output shown in the exhibit, which two criteria on the SD-WAN member configuration can be used to select an outgoing interface in an SD-WAN rule? (Choose two.)

Set priority 10.
Set priority 10.
Set cost 15.
Set cost 15.
Set load-balance-mode source-ip-ip-based.
Set load-balance-mode source-ip-ip-based.
Set source 100.64.1.1.
Set source 100.64.1.1.
Suggested answer: A, B
asked 18/09/2024
Nichal Maharaj
49 questions

Question 15

Report Export Collapse

What are two reasons why FortiGate would be unable to complete the zero-touch provisioning process? (Choose two.)

The FortiGate cloud key has not been added to the FortiGate cloud portal.
The FortiGate cloud key has not been added to the FortiGate cloud portal.
FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager
FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager
The zero-touch provisioning process has completed internally, behind FortiGate.
The zero-touch provisioning process has completed internally, behind FortiGate.
FortiGate has obtained a configuration from the platform template in FortiGate cloud.
FortiGate has obtained a configuration from the platform template in FortiGate cloud.
A factory reset performed on FortiGate.
A factory reset performed on FortiGate.
Suggested answer: A, C
asked 18/09/2024
Vincent Chung
43 questions

Question 16

Report Export Collapse

Which two statements describe how IPsec phase 1 main mode is different from aggressive mode when performing IKE negotiation? (Choose two )

A peer ID is included in the first packet from the initiator, along with suggested security policies.
A peer ID is included in the first packet from the initiator, along with suggested security policies.
XAuth is enabled as an additional level of authentication, which requires a username and password.
XAuth is enabled as an additional level of authentication, which requires a username and password.
A total of six packets are exchanged between an initiator and a responder instead of three packets.
A total of six packets are exchanged between an initiator and a responder instead of three packets.
The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
Suggested answer: B, C
asked 18/09/2024
Wallace Davison
45 questions

Question 17

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_SDW-7.2 image Question 17 27217 09182024190937000000

Based on the exhibit, which action does FortiGate take?

FortiGate bounces port5 after it detects all SD-WAN members as dead.
FortiGate bounces port5 after it detects all SD-WAN members as dead.
FortiGate fails over to the secondary device after it detects all SD-WAN members as dead.
FortiGate fails over to the secondary device after it detects all SD-WAN members as dead.
FortiGate brings up port5 after it detects all SD-WAN members as alive.
FortiGate brings up port5 after it detects all SD-WAN members as alive.
FortiGate brings down port5 after it detects all SD-WAN members as dead.
FortiGate brings down port5 after it detects all SD-WAN members as dead.
Suggested answer: A
asked 18/09/2024
Francesco Gallo
38 questions

Question 18

Report Export Collapse

What are two benefits of choosing packet duplication over FEC for data loss correction on noisy links? (Choose two.)

Packet duplication can leverage multiple IPsec overlays for sending additional data.
Packet duplication can leverage multiple IPsec overlays for sending additional data.
Packet duplication does not require a route to the destination.
Packet duplication does not require a route to the destination.
Packet duplication supports hardware offloading.
Packet duplication supports hardware offloading.
Packet duplication uses smaller parity packets which results in less bandwidth consumption.
Packet duplication uses smaller parity packets which results in less bandwidth consumption.
Suggested answer: A, C
asked 18/09/2024
Pedram Habibi
43 questions

Question 19

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_SDW-7.2 image Question 19 27219 09182024190937000000

The exhibit shows the SD-WAN rule status and configuration.

Based on the exhibit, which change in the measured packet loss will make T_INET_1_0 the new preferred member?

When all three members have the same packet loss.
When all three members have the same packet loss.
When T_INET_0_0 has 4% packet loss.
When T_INET_0_0 has 4% packet loss.
When T_INET_0_0 has 12% packet loss.
When T_INET_0_0 has 12% packet loss.
When T_INET_1_0 has 4% packet loss.
When T_INET_1_0 has 4% packet loss.
Suggested answer: D
asked 18/09/2024
Salih Igde
44 questions

Question 20

Report Export Collapse

What are two benefits of using the Internet service database (ISDB) in an SD-WAN rule? (Choose two.)

The ISDB is dynamically updated and reduces administrative overhead.
The ISDB is dynamically updated and reduces administrative overhead.
The ISDB requires application control to maintain signatures and perform load balancing.
The ISDB requires application control to maintain signatures and perform load balancing.
The ISDB applies rules to traffic from specific sources, based on application type.
The ISDB applies rules to traffic from specific sources, based on application type.
The ISDB contains the IP addresses and port ranges of well-known internet services.
The ISDB contains the IP addresses and port ranges of well-known internet services.
Suggested answer: A, D
asked 18/09/2024
Jordan Reid
41 questions
Total 99 questions
Go to page: of 10
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. Based on the output shown in the exhibit, which two criteria on the SD-WAN member configuration can be used to select an outgoing interface in an SD-WAN rule? (Choose two.)
In which SD-WAN template field can you use a metadata variable?
Refer to the exhibit. The exhibit shows the details of a session and the index numbers of some relevant interfaces on a FortiGate appliance that supports hardware offloading. Based on the information shown in the exhibits, which two statements about the session are true? (Choose two.)
What are two reasons for using FortiManager to organize and manage the network for a group of FortiGate devices? (Choose two.)
Which two statements describe how IPsec phase 1 main mode id different from aggressive mode when performing IKE negotiation? (Choose two.)
Refer to the exhibit. Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change? (Choose two.)
Refer to the exhibit. Based on the exhibit, which two statements are correct about the health of the selected members? (Choose two.)
What are two benefits of using the Internet service database (ISDB) in an SD-WAN rule? (Choose two.)
Refer to the exhibit. In a dual-hub hub-and-spoke SD-WAN deployment, which is a benefit of disabling the anti-replay setting on the hubs?
Refer to the exhibit. Which statement explains the output shown in the exhibit?